From a42fe114b7ebb5a31288b9234181628c3c76e66c Mon Sep 17 00:00:00 2001 From: WhiteLotusLA <43762553+WhiteLotusLA@users.noreply.github.com> Date: Thu, 8 Jan 2026 20:51:45 -0800 Subject: [PATCH] fix: update model_validator to use instance method signature Pydantic v2.12 deprecated using @model_validator(mode='after') with a classmethod-style signature (cls, values). This change updates the _validate_credentials method to use the correct instance method signature (self), which: - Eliminates the deprecation warning - Uses direct attribute access (self.username) instead of dict access - Returns self instead of values This is a non-breaking change that maintains the same validation logic while conforming to Pydantic v2.12+ best practices. Fixes deprecation warning: 'Using @model_validator with mode="after" on a classmethod is deprecated' Signed-off-by: WhiteLotusLA --- sdk/python/feast/permissions/auth_model.py | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/sdk/python/feast/permissions/auth_model.py b/sdk/python/feast/permissions/auth_model.py index 179a8bc0c0e..3690d62b728 100644 --- a/sdk/python/feast/permissions/auth_model.py +++ b/sdk/python/feast/permissions/auth_model.py @@ -33,25 +33,23 @@ class OidcClientAuthConfig(OidcAuthConfig): token: Optional[str] = None # pre-issued `token` @model_validator(mode="after") - def _validate_credentials(cls, values): + def _validate_credentials(self): """Enforce exactly one valid credential set.""" - d = values.__dict__ if hasattr(values, "__dict__") else values - - has_user_pass = bool(d.get("username")) and bool(d.get("password")) - has_secret = bool(d.get("client_secret")) - has_token = bool(d.get("token")) + has_user_pass = bool(self.username) and bool(self.password) + has_secret = bool(self.client_secret) + has_token = bool(self.token) # 1 static token if has_token and not (has_user_pass or has_secret): - return values + return self # 2 client_credentials if has_secret and not has_user_pass and not has_token: - return values + return self # 3 ROPG if has_user_pass and has_secret and not has_token: - return values + return self raise ValueError( "Invalid OIDC client auth combination: "